westdc-zf1/application/module/Users/Account.php

446 lines
11 KiB
PHP
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

<?php
namespace Users;
use \Helpers\View as view;
use \Helpers\dbh as dbh;
use \Users\Member;
use \Mail\Mail;
use \Users\Listener\AccountListener;
use \Users\Listener\EditListener;
use \Users\Listener\PwdListener;
class Account extends \Zend_Controller_Plugin_Abstract
{
public $memberTable = "users";
public $FieldIndex = "id";
public $FieldUsername = "username";
public $FieldPasword = "password";
public $FieldLastlogin = "ts_last_login";
public $FieldEmail = "email";
public $FieldLastloginIp = "last_login_ip";
public $GravatarEmailField = "gravatar_email";
public $FieldRealname = "realname";
public $RoleMember = "member";
private $db;
protected $events = NULL; //事件
/*
需要挂载的事件分别放在不同的listener中将各种操作进行模块化细分
*/
function __construct($initializingListener = TRUE,$db = NULL)
{
if(empty($db))
{
$this->db = \Zend_Registry::get('db');
}else{
$this->db = $db;
}
$this->config = \Zend_Registry::get('config');
if($initializingListener === TRUE)
{
$this->loadListener();
}
}
public function loadListener()
{
//主要操作账号注册登录设置session等
$AccountListener = new AccountListener();
@$this->events()->attachAggregate($AccountListener);
//账户编辑
$EditListener = new EditListener();
@$this->events()->attachAggregate($EditListener);
//账户安全性(找回密码)
$PwdListener = new PwdListener();
@$this->events()->attachAggregate($PwdListener);
}
public function events(\Zend_EventManager_EventCollection $events = NULL)
{
if ($events !== NULL) {
$this->events = $events;
} elseif ($this->events === NULL) {
$this->events = new \Zend_EventManager_EventManager(__CLASS__);
}
return $this->events;
}
//获取账号信息,数组
public function getAccountInfo($id = 0)
{
if($id == 0)
{
$id = view::User('id');
}
$sql = "SELECT * FROM {$this->memberTable} WHERE id=$id";
$rs = $this->db->query($sql);
return $rs->fetch();
}
//注册
public function register($data)
{
$params = compact('data');
$results = $this->events()->trigger('register.checkParam', $this, $params);
$cache_data = $results->bottom();
if($cache_data !== true)
{
if(!is_array($cache_data))
{
return array('error'=>$cache_data);
}else{
return $cache_data;
}
}
$results = $this->events()->trigger('register.checkUser', $this, $params);
$cache_data = $results->bottom();
if($cache_data !== true)
{
if(!is_array($cache_data))
{
return array('error'=>$cache_data);
}else{
return $cache_data;
}
}
$loginData = array(
'username'=>$data['username'],
'password'=>$data['password']
);
$data['password'] = md5($data['password']);
$data['usertype'] = "member";
unset($data['confirm_password']);
$dbh = new dbh();
$id = $dbh->insert($this->memberTable,$data,true);
if(!empty($id) && is_numeric($id))
{
$this->storeLogin($loginData);
$mb = new Member();
$mb->putcookie($data[$this->FieldUsername],$data[$this->FieldPasword]); //username, md5(password)
$params = compact('data','id');
$results = $this->events()->trigger('register.success', $this, $params);
return array("success" => 1);
}else{
if($id === false)
{
return array('error'=>'服务器开小差了,请稍后再试');
}else{
return array('error'=>'服务器处理中遇到错误,请联系管理员');
}
}
}//register
//登陆
public function login($data,$return_user_info = false)
{
$results = $this->events()->trigger('login.checkParam', $this, compact('data'));
$cache_data = $results->bottom();
if($cache_data !== true)
{
if(!is_array($cache_data))
{
return array('error'=>$cache_data);
}else{
return $cache_data;
}
}
$state = $this->storeLogin($data);
$mb = new Member();
$mb->putcookie($data[$this->FieldUsername],md5($data[$this->FieldPasword]));
if(!$return_user_info)
return $state;
else
return view::User();
}//login
//storeLogin
//将登录信息保存在session和cookie中
public function storeLogin($data,$md5verify = true)
{
$auth = \Zend_Auth::getInstance();
$authAdapter = new \Zend_Auth_Adapter_DbTable($this->db);
$authAdapter->setTableName($this->memberTable)
->setIdentityColumn($this->FieldUsername)
->setCredentialColumn($this->FieldPasword);
if(empty($data[$this->FieldPasword]))
{
$password = "0";
}else{
if($md5verify == false)
{
$password = $data[$this->FieldPasword];
}else{
$password = md5($data[$this->FieldPasword]);
}
}
$authAdapter->setIdentity($data[$this->FieldUsername])->setCredential($password);
$result = $auth->authenticate($authAdapter);
if ($result->isValid()) {
$user = $authAdapter->getResultRowObject(null,$this->FieldPasword);
$email = $user->email;
$results = $this->events()->trigger('login.success.createAvatar', $this, compact('email'));
$user->avatar = $results->bottom();
$auth->getStorage()->write($user);
$id = $user->id;
@$results = $this->events()->trigger('login.success.updateStatus', $this, compact('id'));
return array('success'=>1);
}else{
return array("error"=>"登录失败,请重试");
}
return array('error'=>'处理中发现错误,请重试');
}
//注册信息参数
public function getParam(\Zend_Controller_Request_Abstract $request)
{
$data = array(
'username'=>$request->getParam('username'),
'password'=>$request->getParam('password'),
'confirm_password'=>$request->getParam('confirm_password'),
'email'=>$request->getParam('email'),
'realname'=>$request->getParam('realname')
);
return $data;
}
//获取用户账户修改参数
public function getEditParam(\Zend_Controller_Request_Abstract $request)
{
$type = $request->getParam('type');
if($type == "general")
{
$data = array(
'realname'=>$request->getParam('realname'),
'signature'=>$request->getParam('signature'),
'description'=>$request->getParam('description')
);
}
if($type == "password")
{
$data = array(
'password' => $request->getParam('password'),
'password_new'=>$request->getParam('password_new'),
'password_confirm'=>$request->getParam('password_confirm')
);
}
return $data;
}
//编辑
public function edit($data,$type)
{
$results = $this->events()->trigger('edit.checkParam', $this, compact('data','type'));
$cache_data = $results->bottom();
if($cache_data !== true)
{
return $cache_data;
}
if($type == "general")
{
$data['signature'] = htmlspecialchars($data['signature']);
$data['description'] = htmlspecialchars($data['description']);
}else if($type == "password")
{
$data['password'] = md5($data['password_new']);
unset($data['password_new']);
unset($data['password_confirm']);
}else{
return "参数错误";
}
$dbh = new dbh();
$uid = view::User('id');
if($dbh->update($this->memberTable,$data," id=$uid") === true)
{
return true;
}else{
return false;
}
}
//找回密码
public function getMyPassword($email)
{
$results = $this->events()->trigger('pwd.forgot.checkParam', $this, compact('email'));
$cache_data = $results->bottom();
if($cache_data !== true)
{
return $cache_data;
}
$sql = "SELECT * FROM {$this->memberTable} WHERE email='$email'";
$rs = $this->db->query($sql);
$row = $rs->fetch();
if(!isset($row['username']) || empty($row['username']))
{
return array('error'=>"此邮箱并未注册",'place'=>'email');
}
$salt = md5($email.'---'.$row['username']);
$sql = "UPDATE {$this->memberTable} SET salt='$salt' WHERE id={$row['id']}";
$state = $this->db->exec($sql);
if($state<1)
{
return array('error'=>"处理中出现错误,请重试",'place'=>'email');
}
$mail_template = "forgotpassword";
$mail_data = array(
'name'=>$row['realname'],
'link'=> view::getHostLink().'/account/getpassword/salt/'.$salt
);
$mail = new Mail();
$mail->loadTemplate($mail_template,$mail_data);
$mail->addTo($email,$row['realname']);
$mail->send();
return array("success"=>1);
}
//重置密码
public function resetPassword($data)
{
$results = $this->events()->trigger('pwd.reset.checkParam', $this, compact('data'));
$cache_data = $results->bottom();
if($cache_data !== true)
{
return $cache_data;
}
$sql = "SELECT * FROM {$this->memberTable} WHERE salt=?";
$sth = $this->db->prepare($sql);
$sth->execute(array($data['salt']));
$row = $sth->fetch();
if(!isset($row['username']) || empty($row['username']))
{
return array('error'=>"您提供的校验码不正确,请重新申请重置密码",'place'=>'confirm_password');
}
if($row['username'] !== $data['username'])
{
return array('error'=>"您提供的校验码不正确,请重新申请重置密码",'place'=>'confirm_password');
}
$sql = "UPDATE {$this->memberTable} SET password='".md5($data['password'])."',salt='' WHERE id={$row['id']}";
$this->db->exec($sql);
$mail_template = "getpassworded";
$mail_data = array(
'name'=>$row['realname'],
);
$mail = new Mail();
$mail->loadTemplate($mail_template,$mail_data);
$mail->addTo($row['email'],$row['realname']);
$mail->send();
return true;
}
//创建MD5验证字符串
//每个用户有唯一的验证字符串
public function makeMd5Cert($username,$password)
{
return substr(md5($username.$password.$this->config->auth->certmix),5,20);
}
// westdc cross-domain login
public function wcdLogin($uid,$cert)
{
if(!is_numeric($uid))
{
return false;
}
if(empty($cert))
{
return false;
}
$user = new Users;
$data = $user->getUser($uid);
if(empty($data) || !is_array($data) || count($data) < 1)
{
return false;
}
$mcrypt = new \Helpers\MCrypt;
$logindata = $mcrypt->decrypt($cert);
if($logindata == $this->makeMd5Cert($data[$this->FieldUsername],$data[$this->FieldPasword]))
{
$status = $this->storeLogin($data,false);
var_dump($status);
return true;
}else{
return;
}
}
//发送一个Westdc cross-domain login请求
public function postWcdLogin($uid,$username,$md5password)
{
if(empty($uid) || empty($username) || empty($md5password))
{
return false;
}
if(!is_numeric($uid))
{
return false;
}
$cert = $this->makeMd5Cert($username,$md5password);
$mcrypt = new \Helpers\MCrypt;
$logindata = $mcrypt->encrypt($cert);
$url = "http://sjysub/account/wcdlogin";
$curl = new \Helpers\Curl;
$response = $curl->request($url,['id'=>$uid,'cert'=>$logindata]);
echo $response['response'];
}
}